<?php
require 'config/dataSource.php';
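if (isset($_POST['submitButton'], $_POST['password'])) {
    /**
     * Registration handler; runs only when the sign-up form was posted.
     *
     * Steps: read the six form fields, validate them, check that the e-mail
     * address and username are unused, send the activation mail and insert
     * the new row into `user`. The message for the page's error cell is left
     * in $display.
     *
     * Every field is held in two forms:
     *   $input[...] - the submitted text after strip_tags(); used for length
     *                 checks, comparisons, the mail recipient and the
     *                 activation link.
     *   $sql[...]   - the same text passed through mysql_real_escape_string();
     *                 used only between quotes inside SQL statements.
     * Escaping is the last transformation applied, so nothing alters a value
     * after it has been prepared for SQL, and length limits apply to what the
     * user typed rather than to the escaped form.
     *
     * strip_tags() only removes markup from the text that gets stored. It is
     * not an output-encoding step: any page that prints these columns still
     * needs htmlspecialchars() at the point of output.
     *
     * NOTE(review): the mysql_* functions are kept because the connection is
     * presumably opened in config/dataSource.php, which is not visible here.
     * They were removed in PHP 7; moving to mysqli/PDO prepared statements
     * has to start in that file.
     */
    $fieldNames = array('firstName', 'lastName', 'userName', 'email', 'password', 'passwordVerify');
    $input = array();
    $sql = array();
    foreach ($fieldNames as $fieldName) {
        // A missing field or an array value (e.g. password[]=x) is treated as empty.
        $submitted = (isset($_POST[$fieldName]) && is_string($_POST[$fieldName])) ? $_POST[$fieldName] : '';
        $input[$fieldName] = strip_tags($submitted);
        $sql[$fieldName] = mysql_real_escape_string($input[$fieldName]);
    }

    // Message shown when a lookup query itself fails; the form fails closed.
    $lookupFailed = "Registration is temporarily unavailable. Please try again.";

    // Checks run in a fixed order and a later failure replaces an earlier
    // message, so the error cell shows the last problem found.
    $goodLastName = strlen($input['lastName']) > 0;
    if (!$goodLastName) {
        $display = "Last Name cannot be left blank.";
    }

    $goodFirstName = strlen($input['firstName']) > 0;
    if (!$goodFirstName) {
        $display = "First Name cannot be left blank.";
    }

    /**
     * Password rules: not blank, 6 to 16 bytes long, and identical to the
     * confirmation field. The comparison is strict: with a loose comparison
     * PHP treats two numeric-looking strings such as "1000000" and "1e6" as
     * equal, so a mistyped confirmation could pass.
     */
    $passwordLength = strlen($input['password']);
    $goodPassword = false;
    if ($passwordLength == 0) {
        $display = "Password cannot be left blank.";
    } else if ($passwordLength < 6 || $passwordLength > 16) {
        $display = "Password size should be between 6..16";
    } else if ($input['password'] !== $input['passwordVerify']) {
        $display = "Password does not match. Please try again.";
    } else {
        $goodPassword = true;
    }

    /**
     * E-mail rules: the address must be a single address at spsu.edu or one
     * of its subdomains, and must not already be in `user`.
     *
     * The pattern is anchored at both ends and requires the domain to be
     * exactly spsu.edu or to end in ".spsu.edu", so a look-alike domain that
     * merely ends in the letters "spsu.edu" is rejected. The local part may
     * not contain "@", commas or whitespace, which also keeps CR/LF out of
     * the recipient passed to mail(). The D modifier stops "$" from matching
     * before a trailing newline.
     *
     * The lookup asks the database for the matching row instead of walking
     * the whole table, so every existing row is taken into account. How
     * letter case is compared depends on the column collation.
     */
    $goodEmail = false;
    if (!preg_match('/^[^@\s,]+@(?:[A-Za-z0-9-]+\.)*spsu\.edu$/D', $input['email'])) {
        $display = "You must provide a SPSU email.";
    } else {
        $emailRows = mysql_query("SELECT emailVerify FROM user WHERE email = '" . $sql['email'] . "'");
        if ($emailRows === false) {
            $display = $lookupFailed;
        } else if ($existing = mysql_fetch_assoc($emailRows)) {
            // 'f' marks a registered but not yet activated address.
            if ($existing['emailVerify'] == "f") {
                $display = "Email is already registered. Activation needed.";
            } else {
                $display = "Email is already registered.Please try another.";
            }
        } else {
            $goodEmail = true;
        }
    }

    /**
     * Username rules: not blank, 6 to 16 bytes long, and not already present
     * in `user`. As with the e-mail check, the database does the matching so
     * that no existing row is skipped.
     */
    $userNameLength = strlen($input['userName']);
    $goodUserName = false;
    if ($userNameLength == 0) {
        $display = "Username cannot be left blank.";
    } else if ($userNameLength < 6 || $userNameLength > 16) {
        $display = "Username size should be between 6..16";
    } else {
        $userRows = mysql_query("SELECT username FROM user WHERE username = '" . $sql['userName'] . "'");
        if ($userRows === false) {
            $display = $lookupFailed;
        } else if (mysql_num_rows($userRows) > 0) {
            $display = "Username is taken. Please try another.";
        } else {
            $goodUserName = true;
        }
    }

    if ($goodEmail && $goodUserName && $goodPassword && $goodFirstName && $goodLastName) {
        echo "Creating user <br />";
        $to = $input['email'];
        $subject = "Waggle Project Team 5 Activation Account";
        $body = "This email is only used to activate your account on Waggle Forum." . PHP_EOL;
        $body.="Click on the link below to activate your account on Waggle Forum." . PHP_EOL;
        // NOTE(review): the activation value is sha1() of the address, so it
        // can be computed by anyone who knows the address and does not prove
        // that the mailbox was read. A random per-account token stored with
        // the row would close this; that needs a schema change and a matching
        // change in verifyEmail.php, neither of which is visible here.
        $body.="http://localhost/SWE_3613_Waggle_Project_2/verifyEmail.php?email=" . sha1($input['email']) . PHP_EOL;
        $body.="Regards," . PHP_EOL;
        $body.="Team 5 Waggle Project" . PHP_EOL;

        $headers = "From: root@localhost.com";

        // The row is written only after the mail was accepted for delivery,
        // and success is reported only when the INSERT itself succeeded.
        $created = false;
        if (mail($to, $subject, $body, $headers)) {
            // NOTE(review): the password is stored as submitted. It should be
            // stored as a password_hash() value and checked with
            // password_verify(); that requires changing the login code and
            // possibly the column width, which are outside this file.
            $insertQuery = mysql_query("INSERT INTO user VALUES (DEFAULT,'" . $sql['userName'] . "','" . $sql['password'] . "','" . $sql['email'] . "',"
                    . "'" . $sql['firstName'] . "','" . $sql['lastName'] . "','f','active','f','user',now(),now())");
            $created = ($insertQuery !== false);
        }

        if ($created) {
            echo("Message successfully sent! Account has been created.
        ");
            echo ("<SCRIPT LANGUAGE='JavaScript'>
                            window.alert('A link has been send to your email for activation')
                            window.location.href='index.php';
                            </SCRIPT>");
        } else {
            echo("Account has not been created properly. Register again.  
        ");
        }
    }
}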
?>
<html>
    <head>
        <meta charset="UTF-8">
        <link rel="stylesheet" href="css/newAccount.css">
        <title>New Account Page</title>
    </head>
    <body onload="document.userForm.reset()" style="background: url(images/background.jpg);">
        <div id="wrapper">

            <div id="head">

                <span>Return to log in page? <a class="newAccount" href="index.php">Go Home!</a></span>

            </div>
            <div id="container">
                <img src="images/spsu.png" style="height: 30%; width: 40%; margin-left: 30%;">

                <div id="discussion">

                    <h3 class="WaggleTopic">Sign up to Waggle</h3>

                    <hr/>
                    <form id="form1" method="post" name ="userForm">
                        <table style="border: 0px;" cellspacing="13">
                            <tr>
                                <td align="center"><label class="label">Username</label></td>
                                <td><input id ="user" name="userName" type="text" size="30"></td>

                            </tr>
                            <tr>
                                <td align="center"><label class="label">SPSU Email</label></td>
                                <td><input id ="user" name="email" type="text" size="30"></td>

                            </tr>
                            <tr>
                                <td align="center"><label class="label">Password</label></td>
                                <td><input id ="pass" name="password" type="password" size="30"></td>

                            </tr>
                            <tr>
                                <td align="center"><label class="label">Confirm Password</label></td>
                                <td><input id ="pass" name="passwordVerify" type="password" size="30"></td>
                            </tr>
                            <tr>
                                <td align="center"><label class="label">First Name</label></td>
                                <td><input id ="user" name="firstName" type="text" size="30"></td>

                            </tr>
                            <tr>
                                <td align="center"><label class="label">Last Name</label></td>
                                <td><input id ="user" name="lastName" type="text" size="30"></td>

                            </tr>

                            <tr>
                                <td colspan="2" align="center"><input id="signIn" type="submit" name="submitButton" value="Register"/></td>
                                
                            </tr>
                            <tr>
                                <td colspan="2" id="error">

                                    <?php
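                                    // $display is set by the registration handler at the top of
                                    // this file and currently only ever holds fixed message
                                    // strings. It is HTML-encoded here anyway so the cell stays
                                    // safe if a message ever includes submitted text.
                                    if (isset($display)) {
                                        echo htmlspecialchars($display, ENT_QUOTES, 'UTF-8');
                                    }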
                                    ?>


                                </td>
                            </tr>

                        </table>
                    </form>
                    </body>
                    </html>